Who says only developers have imaginative ideas, scamsters are always one step ahead of ideas even in the field of creativity.  A top trending paste on Pastebin says that a user by the name of Jim the The P1st0l has hacked the website of bitcoin.lixter.com under an operation called Operation Piratecrypt and has leaked around 261 email ids and passwords. Now a little bit of background check on the affected website ie bitcoin.lixter.com reveals that this is a phishing site hosted on a free webhosting (lixter.com) and the Paste has affectivly been posted to lure bitcoin owners into divulging their ids to the scamters. 
Fake Bitcoin leaks(username and passwords) leads to phishing attacks
The scam works on simple theory of acting on the greed and curiosity of the pastebin reader.  Acting on the leaks, a person may enter the email id and password from the leak to transfer the bitcoins to his/her name.  To transfer any bitcoin, they need to put their credentials and ultimately giving their own bitcoins wallet information to the scamsters and loose the bitcoins in their own accounts.  The scamsters, in this case hoped for a similar result.  The Paste which is pasted on Pastebin here, has been trending for last 24 hours so the scamsters may feel that some of the readers may fall prey to their phishing campaign.

Logging into the bitcoin.lixter.com takes users to another website buybitcoin.pixub.com which then asks the users for the wallet ids and passwords to which they want the bitcoins to be transfered.  
Fake Bitcoin leaks(username and passwords) leads to phishing attacks
Subdomains under lixter.com have already been marked as phishing pages by Clean MX, a realtime data base regulator.  In addition to bitcoin.lixter.com, Clean MX also states that the domain is being used for phishing PayPal, MasterCard and Interbank account holders.
Fake Bitcoin leaks(username and passwords) leads to phishing attacks
Eset and several other Antivirus firms have classified the lixter.com domain  as a phishing threat

Fake Bitcoin leaks(username and passwords) leads to phishing attacks

A search on google gives the description of bitcoin.lixter.com as 

What is LIXTER? Built and operated in the United Kingdom, LIXTER is the next generation crypto trading platform created by security professionals. We are …

Fake Bitcoin leaks(username and passwords) leads to phishing attacks

It is possible that there are several more phishing websites like these, Readers are advised not to fall prey to such fake pastes and such phishing scams. 

2 COMMENTS

  1. Scary thing is they appear to have got real usernames and passwords from somewhere. One of my addresses is on that list and a real password I’ve used in the past. The password was not from any of my bitcoin accounts or forums. So it is compromised credentials from a real hack being used to bait bitcoin users.

LEAVE A REPLY

Please enter your comment!
Please enter your name here